**Session Date/Time:** 20 Mar 2025 08:00

# dult

## Summary

The dult working group session focused on two main documents: the threat model and the accessory protocol. The threat model discussion centered around updates to the document, methods to circumvent the protocol, design requirements, and open issues, including the use of laptops as tracking devices, identifying paired devices, and the use of Bluetooth versus other technologies. The accessory protocol discussion focused on the implications of printing non-serial number unique identifiers on tags and the possibility of remote disablement.

## Key Discussion Points

*   **Threat Model:**
    *   Updates to the threat model document, including sections on methods to circumvent the protocol and design constraints.
    *   Discussion of requiring laptops that can be activated as tracking devices to implement the protocol. The consensus leaned towards requiring implementation.
    *   Determining if identifying all devices paired with a tag is in scope and how to address this.
    *   Balancing active and passive scanning for tag detection, considering power implications and user customization.
    *   Defining the scope regarding devices using Bluetooth vs. other tracking technologies (e.g., GPS trackers with cellular backhaul). The consensus was to focus on crowdsourced location tracking leveraging Bluetooth.
    *   The IETF will look at adopting the "finding protocol" draft.
*   **Accessory Protocol:**
    *   The limitations of printing non-serial number unique identifiers on tags for law enforcement purposes, considering that networks may still require electronic versions of identifiers.
    *   Considering legal and regulatory issues around the protection of tag owner privacy vs. the need to identify tags used for unwanted tracking.
    *   The necessity of physical serial numbers for tags, also for non-DOT use cases.
    *   Exploring remote disablement of tags when physical access is not possible, with considerations for misuse and conditions under which it should be allowed.
    *   Concerns about mass disablement of tags in public spaces (e.g., trains) and the need for safeguards.
    *   Exploring temporary disabling vs. permanent disabling.
    *   Clarification of the threat model for trackers in regards to knowledge of the attacker versus the stalked individual.

## Decisions and Action Items

*   **Action Item:** Maggie will follow up with Eva regarding current Apple serial number/device ID practices and propose a way to address her concerns about identifying paired devices.
*   **Decision:** Lean toward laptops being required to implement the protocol
*   **Action Item:**  IETF will look at adopting the "finding protocol" draft and see if the original authors are still available to help.

## Next Steps

*   Address open issues in the threat model document, including those raised during the meeting.
*   Work on defining conditions for remote disablement in the accessory protocol document.
*   Consider the input from Barry Leva and other reviewers on terminology.
*   Continue discussions on the mailing list.
*   Explore the possibility of an in-person interim meeting.